Cybersecurity Operations Engineer I

USA - Virginia - Herndon


Everfox has been defending the world's critical data and networks against the most complex cyber threats imaginable for more than 25 years.

View company page

Intelligent. Dynamic. Resilient. 

Everfox, formerly Forcepoint Federal, has been defending the world’s most critical data and networks against the most complex cyber threats imaginable for more than 25 years. As trailblazers in defense-grade, high assurance cyber security, we have been leading the way in developing and delivering innovative cyber security technology. We protect data wherever it resides. Our unwavering dedication and commitment to our customers and the critical missions they serve are what set us apart. We are dynamic, vigilant, and proactive in everything we do. Our suite of cross domain, threat protection and insider risk solutions empower governments and enterprise organizations to use data safely - where and however their people need it. At Everfox, we innovate, we invest, we achieve. We protect what matters most to our customers. And we offer protection like no other. We do all of this so our customers can focus on what matters most… their mission.

TITLE: Cybersecurity Operations Engineer I 

Job Summary: The Cybersecurity Operations Engineer I plays a pivotal role in safeguarding the organization's digital assets by monitoring, detecting, and responding to security incidents and threats. This position requires a vigilant and detail-oriented professional with a strong understanding of security technologies, incident response, and a proactive approach to mitigating risks. 

Key Responsibilities: 

1. Security Monitoring and Incident Response

  • Level 2 incident response, triage and investigation 

  • security alerts and events to detect potential security incidents and vulnerabilities. 

  • Investigate and analyze security incidents to determine their scope, impact, and the appropriate response. 

  • Document incident details, actions taken, and lessons learned for continuous improvement. 

2. Threat Detection and Analysis: 

  • Monitor and analyze network traffic, logs, and system events to identify patterns and anomalies indicative of security threats. 

  • Stay current with emerging cyber threats and vulnerabilities and adjust monitoring and detection strategies accordingly. 

  • Assist in the identification and remediation of security weaknesses or vulnerabilities. 

  • Vulnerability Management analyst 

3. Security Tool Management: 

  • Level 1 CSP (Cybersecurity Engineering) - administration/monitoring of tools within M365 G5 

  • IDS/IPS admin and monitoring 

  • Assist in the management and configuration of security tools such as SIEM (Security Information and Event Management), intrusion detection systems, and endpoint protection solutions. 

  • Contribute to the tuning and optimization of security tools to reduce false positives and enhance detection accuracy. 

4. Compliance and Reporting: 

  • Assist in maintaining compliance with security policies, procedures, and regulatory requirements. 

  • Research and assist on regular reports on security incidents, monitoring activities, and emerging threats for management and stakeholders. 

5. Security Awareness and Training: 

  • Participate in security awareness and training programs for employees to enhance the organization's overall security posture. 


  • High School Diploma or combination of education, certifications, training or experience 

  • Knowledge in Information Security is preferred. 

  • Relevant certifications, such as CompTIA Security+ and CompTIA Network+ are a plus. 

  • Knowledge of cybersecurity principles, threat landscape, and security technologies. 

  • Strong analytical skills and the ability to identify and respond to security incidents. 

  • Effective communication and teamwork skills to collaborate with incident response teams and other stakeholders. 

  • Strong problem-solving skills and attention to detail. 

  • Experience (nice to have) with the following security tools: Google Chronicle (SIEM), Crowdstrike, Zscaler, Office365, Forcepoint DLP, CyberArk, Device42, RSA,,, Digicert, Intune, Windows Defender 

  • Must be US citizen 

A reasonable estimate of the base salary range for this role is:

$53,040.00-91,052.00 USD

The actual salary offered may vary within the range based on a candidates' unique experience, locale, and business needs. In addition to a base salary and bonus plans, Everfox offers a generous benefits package including flexible PTO, a 401k match, and contribution to healthcare coverages. Our talent acquisition team will provide specific information regarding bonus eligibility and benefits offerings.


Don’t meet every single qualification? Studies show people are hesitant to apply if they don’t meet all requirements listed in a job posting. Everfox is focused on building an inclusive and diverse workplace – so if there is something slightly different about your previous experience, but it otherwise aligns and you’re excited about this role, we encourage you to apply. You could be a great candidate for this or other roles on our team.

The policy of Everfox is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to affirmatively seek to advance the principles of equal employment opportunity. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company’s career webpage as a result of your disability. You may request reasonable accommodations by sending an email to 

Everfox is a Federal Contractor. Certain positions with Everfox require access to controlled goods and technologies subject to the International Traffic in Arms Regulations or the Export Administration Regulations. Applicants for these positions may need to be "U.S. Persons," as defined in these regulations. Generally, a "U.S. Person" is a U.S. citizen, lawful permanent resident, or an individual who has been admitted as a refugee or granted asylum.

Applicants must have the right to work in the location to which you have applied.

Apply now Apply later
  • Share this job via
  • or

Tags: Compliance CompTIA CrowdStrike Cyberark IDS Incident response Intrusion detection IPS Monitoring RSA SIEM Threat detection Vulnerabilities Vulnerability management Windows

Perks/benefits: 401(k) matching Flex vacation Team events

Regions: Africa North America
Country: United States
Job stats:  3  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.